When is there a right - and when not - to receive compensation for damages due to an infringement of data protection legislation according to the CJEU?
The breach of data protection legislation can lead not just to penalties from the competent authorities, but also to the obligation to compensate the data subjects for the damages sustained. The Court of Justice of the European Union (CJEU) has recently ruled on the subject, creating case law regarding the requirements and limits of civil liability in this area. In this article we will analyze the criteria offered to date by the CJEU.Data Economy, Privacy and Cybersecurity Newsletter - October 2024
In this newsletter, we bring you the latest updates on data protection, privacy and cybersecurity. We cover the most recent rulings from relevant authorities and agencies, key court decisions, and the most important news in this field.The regulatory and supervisory labyrinth in the digital agenda for Europe: rationalization proposals
The publication of the Artificial Intelligence Act has brought a complex regulatory framework for overseeing the use of AI, with surveillance and supervisory authorities that overlap and co-exist with others in the digital economy. In its quest for efficient governance that is coherent with other regulations such as the GDPR, the European Data Protection Board (EDPB) recommends that the data protection authorities perform supervisory functions in order to avoid a dispersal of public authorities.China Legal Newsletter - October 2024
This newsletter highlights key recent developments in China’s laws and regulations. Specifically, it focuses on the laws and regulations related to foreign investment, market access, foreign debt administration, data economy, privacy and cybersecurity, labor and employment, life sciences and healthcare, as well as other topics.Everything you need to know about the plan to implement new whistleblowing legislation in Portugal
By June 18, 2022, companies (whether public or private) and public entities, especially those employing 50 or more workers, are obliged to implement a whistleblowing channel so that workers, shareholders, members of corporate bodies, service providers, suppliers and other reporting parties, including within the context of a professional relationship that has since ended, might report breaches of the legislation referring to various areas.China’s Personal Information Protection Law: things you need to know
Recently, China formally passed the Personal Information Protection Law (PIPL), which is the first comprehensive national level personal data protection law of this country. PIPL will become effective as of November 1, 2021, leaving a short time for the companies operating in China (and even certain foreign companies) to become fully compliant to the new personal data protection regime.China’s Supreme People’s Court sets rules for facial recognition technology
On July 28, 2021, China’s Supreme People’s Court (the top judicial authority) published the 'Provisions on Relevant Issues on the Application of Laws in Hearing Civil Cases Related to the Application of Facial Recognition Technology in Processing Personal Information'. The provisions came into force as of August 1, 2021. They provided guidance for the courts to apply the rules scattered in Civil Code, Cybersecurity Law, Consumer Rights Protection Law, E-Commerce Law, etc. on personal data processing by using facial recognition technology, and have also set specific rules based on the recent practices of the Chinese courts. In this article we provide our comments on several highlights in the provisions.China sets new rules on security vulnerability of network products
China’s Ministry of Industry and Information Technology (MIIT), Cybersecurity Administration of China (CAC) and Ministry of Public Security (MPS) jointly published the Provisions on Administration of Security Vulnerability of Network Products (Provisions), which will be in force as of September 1, 2021. The Provisions have established rules for the detection, collection, publication and other activities in relation to the security vulnerability of network products.China to enhance cybersecurity review measures
A few days ago, Cyber Administration of China (CAC) has shaken the online business sector with the cybersecurity review on Didi (world’s biggest online ride-hailing company) and other three online business companies to prevent data security risks, citing the Cybersecurity Review Measures.